//$URL: http://dasding.googlecode.com/svn/branches/spring-security/demos/jax-rs-springsecurity/src/main/java/de/piratech/jaxrs/security/CustomAuthenticationManager.java $
//$Id: CustomAuthenticationManager.java 55 2012-10-16 11:57:28Z amuthmann@gmail.com $
package de.piratech.jaxrs.security;

import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/**
 */
public class CustomAuthenticationManager implements AuthenticationManager {

  public Authentication authenticate(Authentication auth) throws AuthenticationException {

    User user = null;

    // TODO: load user from DB
    user = new User();
    user.setUserId(auth.getName());
    user.setEmailAddress("foo@piratech.de");
    if (StringUtils.equals(auth.getName(), "admin"))  {
      user.addRole(User.Role.Admin);
    }
    else {
    }
    user.addRole(User.Role.User);

    // TODO: compare passwords

    return new UsernamePasswordAuthenticationToken(user, auth.getCredentials());
  }
}
